package com.jcgyl.export.shiro;

import java.util.ArrayList;
import java.util.List;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import com.jcgyl.export.entity.Post;
import com.jcgyl.export.entity.Role;
import com.jcgyl.export.entity.Tbsysmenu;
import com.jcgyl.export.entity.Tbsysuser;
import com.jcgyl.export.service.UserInfoService;

/**
 * 
 * @author JL
 * shiro认证方法
 *
 */
public class MyRealm extends AuthorizingRealm {  
	  
	@Autowired
	private UserInfoService userInfoService;
   
    /** 
     * 登录验证 
     * JL
     * 
     */  
    @Override  
    protected AuthenticationInfo doGetAuthenticationInfo(  
            AuthenticationToken token) throws AuthenticationException {  
    System.out.println("----------------------->认证====="); 
    
    UsernamePasswordToken utoken=(UsernamePasswordToken) token;//获取用户输入的token
	System.out.println(utoken);
    //获取token中的的信息uname
	String uname = utoken.getUsername();
	//根据名字查询数据库
	 Tbsysuser tbsysuser= userInfoService.findByUserName(uname);
	 ByteSource credentialsSalt = ByteSource.Util.bytes(tbsysuser.getSalt());
    SimpleAuthenticationInfo info =new SimpleAuthenticationInfo(uname, tbsysuser.getPassword(),credentialsSalt,this.getClass().getName());
    SecurityUtils.getSubject().getSession().setAttribute("user",tbsysuser);
    return	info;
    }
    /** 
     * 权限认证 
     * JL
     * 
     */  
    @Override  
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal) {  
    	System.out.println("------------------------------------------------------------->    doGetAuthorizationInfo");
		/*获取用户名*/
		String uname=(String) principal.fromRealm(this.getClass().getName()).iterator().next();//获取session中的用户
		/*根据用户名查询权限*/
		Post post = userInfoService.findPostByUserName(uname);
		List<String> list = new ArrayList<String>();
		if(uname != null){
			/*调用权限分配的方法*/
			list = getPermissionsByUname(post.getId());
		}
		/*创建shiro中的SimpleAuthorizationInfo*/
        SimpleAuthorizationInfo info=new SimpleAuthorizationInfo();
        info.addStringPermissions(list);//将权限放入shiro中.
        return info;
    }  
    /**
	 * 权限分配封装的方法
	 * 
	 * JL
	 */
	public List<String> getPermissionsByUname(int id){
		/*根据用户名查询用户的角色         是一个List*/
		List<Role> roles = userInfoService.findRoleByPostId(id);
		//角色中的权限列表
		List<String> list = new ArrayList<String>();
		if(roles.size()>0){
			for(Role role:roles){
				/*查询每个角色所对应的权限*/
				List<Tbsysmenu> tbsysmenu = userInfoService.findMenuByRoleId(role.getId());
				if(tbsysmenu.size()>0){
					for(Tbsysmenu m:tbsysmenu){
						/*把每个权限对应的url放入List中*/
						list.add(m.getPageaddress());
					}
				}
			}
		}
		return list;
	}
}  